Mobile Device Support - iPhone Security Best Practices

Summary

This article provides iPhone security best practices.

Body

Don't Jailbreak your phone.

  • The iPhone's biggest protection against viruses is that it will only download vetted software from the App Store. If a piece of software is not signed as approved by Apple, it can't run on an iPhone. Jailbreaking an iPhone disables the inherent iOS security, making the phone more vulnerable to attacks.

Enable a passcode

  • The iPhone default passcode is a 4-digit number. This can be improved by enabling complex passcodes, which allow a longer passcode entered on a full keyboard.
  • Go to Settings >> Passcode (or Touch ID and passcode) >> Require passcode: immediately >> Simple passcode: off.

Set screen Auto-lock

  • Set the phone to auto-lock after a set period of inactivity, for example 1 or 2 minutes.
  • Go to Settings >> General >> Auto-Lock: 2 minutes.

Lock Screen notifications

  • Consider what data could come from lock screen notifications. Messages, emails and appointments could have the potential to leak sensitive data. Only permit the minimum number of notification applications and lines displayed.

Disable Siri on a lock screen

  • Siri is a great phone feature; however, Siri can communicate with anyone, not just the owner of the device it runs on. Anybody can use Siri on a lock screen while you're away from your iPhone. It's not necessary to turn it off completely, but you will be much more secure if you prevent it from activating from a lock screen or on a Hey Siri voice command.
  • Go to Settings >> Passcode (or Touch ID and passcode) >> Allow access when locked section >> Siri: off, and Settings >> General >> Siri >> Allow Hey Siri: off.

Enable two-step verification for Apple ID and iCloud

  • When you set up two-step verification, you register one or more trusted devices (devices you control) that can receive 4-digit verification codes using either SMS or the Find My iPhone service. Then, any time you sign in to manage your Apple ID, sign in to iCloud, or make an iTunes, iBooks, or App Store purchase from a new device, you'll need to verify your identity by entering both your password and a 4-digit verification code.
  • Go to https://appleid.apple.com >> Manage your Apple ID >> Password and Security >> Two-Step Verification.

Disable automatic WiFi connections to known networks

  • While automatically joining known networks is convenient, an attacker can set up a rogue WiFi hotspot with the name of a known good connection to perform a man-in-the-middle web attack. To help combat this type of attack, disable this feature, or have your device notify you before it connects to a known WiFi connection.
  • Go to Settings >> Wi-Fi >> Ask to join networks: on.

Enable Find My iPhone within iCloud

  • With Find My iPhone turned on, if your phone is lost or stolen, you can locate it, display a message on the screen, play a sound for two minutes, and lock and/or wipe the device remotely.

Encrypt Backups

  • If you sync your iPhone with your computer, the data from your phone is also stored on your desktop or laptop. That means the data is potentially accessible to anyone who can get at your computer. Secure that data by encrypting those backups, so that a password is required to decrypt them.
  • Open iTunes and connect your iPhone or iPod touch. On the main sync page, in the Options section for your device, check the box named Encrypt iPhone backup, and set a password for the backup. Now, if you want to restore from that backup, you'll need to know the password.

Install an Anti-malware program

  • While the iOS of a standard smartphone is very secure, and most applications must be downloaded from the App Store, this does not mean the phone is immune to attack. Security settings on the iPhone do not enable full AV functions, but you can use AV programs on demand to check files as they are downloaded.
  • McAfee, Norton, Kaspersky and Trend Micro all have anti-malware/anti-virus apps available for download in the App Store.
  • Kaspersky and Webroot offer secure web browsers that scan for malicious URLs.

Password Manager

  • Several apps allow you to securely create and manage strong passwords. LastPass (available in the App Store) encrypts your password database on your device before storing it in the cloud. Only you can unlock your password database.

Details

Article ID: 1429
Created: Mon 4/24/23 11:36 AM
Modified: Wed 6/28/23 1:57 PM